Interesting People mailing list archives
ip: Open letter to Geoff Greiveldinger, DoJ [key escrowed,
From: David Farber <farber () central cis upenn edu>
Date: Tue, 12 Sep 1995 20:18:22 -0400
Date: Fri, 8 Sep 1995 22:11:13 -0700 From: Carl Ellison <cme () clark net> Subject: Open letter to Geoff Greiveldinger, DoJ [key escrowed, export] NIST (the National Institute of Standards and Technology) held a two-day public meeting on 6-7 September, 1995 to discuss Software Key Escrow as a possible means of achieving export of cryptography. In the morning of 7 Sept, Goeff Greiveldinger of the Department of Justice gave a description of the kinds of crimes which DoJ wants to use wiretapping to solve. He closed this litany of lawbreaking with the assertion that software manufacturers don't want to provide products which allow such lawbreakers to keep their criminal evidence hidden from law enforcement. I'm sorry to disillusion you, Geoff, but I *do* want to make such systems. Would you have Ryder stop renting trucks because some terrorist decided to fill one with explosives and kill many innocent children? Would you have Americans stop making automobiles because bank robbers have been known to use cars for getaways? Would you have all new buildings constructed with FBI microphones in every wall because some criminals meet in private rooms in order to plan crimes? When an American company sweeps its conference room for bugs, finds some and destroys them, it doesn't matter whether those bugs were planted by industrial spies or the FBI. The company has a right to eliminate them. When that company ties two such conference rooms together by video-conference equipment and encrypts the line between them using strong link encryption, it is performing the same defensive operation in cyberspace. It is protecting itself from spies and it doesn't matter that the wiretaps it frustrates might be illegal ones by industrial spies or legal ones by the FBI. The right to attempt to achieve privacy is a long-standing one in this country and not one to allow to be lost. When I design and build systems for privacy for my customers, I am providing products for law-abiding, honest people. I am aware of criminals, of course. Criminals are the threats against whom I protect my customers. These criminals are usually not in the government but that doesn't mean that I believe I should offer my honest customers up for a strip-search in cyberspace. The law enforcement agencies of this free country have no right to expect blanket access to the ciphertext of citizens. It will take legislation to get that right and I will do everything in my power to keep such legislation from passing. Barring such legislation, I will make sure that honest American citizens have cryptography with which to attempt to maintain their privacy, even from the government. We have the right to attempt to keep a secret from government agencies and continuous demonstration of that right is an important part of this free country. On the other hand, I am sympathetic to law-enforcement officers. I have several friends in that business. I have asked my friends and acquaintances who do surveillance (2 IRS agents investigating organized crime for tax evasion; 2 undercover cops in Boston's highest drug neighborhood; 1 DEA agent in the midwest) if they ever encounter encrypted communications or files. They don't. Neither does anyone in their offices. Of course, even if they did it would remain so important to preserve our right to attempt to keep secrets from the government that their frustration would just have to be accepted. The fact that this isn't a real problem makes my decision that much easier. I am left with no moral qualms at all. In summary, criminals are so few that I will not design for them. I will not treat my vast majority of honest users as if they were criminals just because some criminal might someday use my product and frustrate you. ObRisk: We run the risk of losing our fundamental right to attempt to keep a secret from the government -- a practice we need to preserve in order to protect ourselves from criminals in cyberspace. There are powerful forces in the US government attempting to cajole us into giving up that right. [see http://www.clark.net/pub/cme/html/nist-ske.html for more on this subject]
Current thread:
- ip: Open letter to Geoff Greiveldinger, DoJ [key escrowed, David Farber (Sep 12)